As i remember is, 2013 was a misconfiguration. Four IPs were set up to handle the traffic, but they messed up one of the IPs and left it routing locally, people worked this out...
For example (not proper ips):
Server 1 - 123.456.789.10
Server 2 - 123.456.789.11
Server 3 - 123.456.789.12
Server 4 - 192.168.789.13
People saw the 192.168..., realised they had misconfigured it (192.168 is for your own computer locally, not a web address) and then correctly guessed that if they used (in this example) 123.456.789.13 - they would get straight in to an empty server. I remember it vividly as i didn't get a ticket whilst i knew mates who got multiple groups of 12 (at the time).
This year is slightly different as people have host hack targeted other see servers that were never intended to be used for the sale.